Information for Social Care Providers (updated 5 September 2018)

Citizen care and support relies on timely and secure information sharing and strong data security. All organisations should provide assurance that they are practicing good data security and that personal information is handled correctly. However, all too often information is still shared via post or fax. There are numerous examples of social care providers receiving important information about citizens in this way, which puts people at risk of coming to harm.

Compliance with the expected data security standards for health and social care for holding, processing or sharing personal data.

Readiness to access secure health and care digital methods of information sharing, such as NHSmailand Summary Care Records (a summary of GP information about an individual) and local information sharing solutions.

Good data security to the CQC as part of the Key lines of Enquiry (KLOEs).

The Department for Health and Social Care recommends that all social care providers complete the DSPT as they will hold, process or share personal data. Completing the DSPT is a contractual requirement for those who provide care through the NHS Standard Contract and the Toolkit helps all providers to demonstrate compliance for the GDPR, the CQC and supports information sharing.

We have worked with the Care Provider Alliance to develop the ‘Entry level’ for social care organisations, as it is understood that for many this will be a new process. ‘Entry level’ is a stepping stone to achieving at the ‘Standards Met’ level, will be time limited (subject to review) but will allow you to begin using NHSmail.

A document to help adult social care organisations with ODS codes is attached under 'Supporting documents'.

The Care Provider Alliance has also produced specific Care Provider Guidance and Templates on their website to complement the Toolkit. This resource contains a good overview of the Toolkit and other useful information.